cloud-auth.trait.php — LiteSpeed Cache 7.8.1

litespeed-cache / src / cloud-auth.trait.php

litespeed-cache / src Last commit date

cloud-auth.trait.php

375 lines

1	<?php
2	/**
3	* Cloud auth trait
4	*
5	* @package LiteSpeed
6	* @since 7.8
7	*/
8
9	namespace LiteSpeed;
10
11	defined( 'WPINC' ) \|\| exit();
12
13	/**
14	* Trait Cloud_Auth
15	*
16	* Handles QUIC.cloud activation, authentication, and CDN setup.
17	*/
18	trait Cloud_Auth {
19	use Cloud_Auth_Callback;
20	use Cloud_Auth_IP;
21
22	/**
23	* Init QC setup preparation
24	*
25	* @since 7.0
26	*/
27	public function init_qc_prepare() {
28	if ( empty( $this->_summary['sk_b64'] ) ) {
29	$keypair = sodium_crypto_sign_keypair();
30	$pk = base64_encode( sodium_crypto_sign_publickey( $keypair ) ); // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_encode
31	$sk = base64_encode( sodium_crypto_sign_secretkey( $keypair ) ); // phpcs:ignore WordPress.PHP.DiscouragedPHPFunctions.obfuscation_base64_encode
32	$this->_summary['pk_b64'] = $pk;
33	$this->_summary['sk_b64'] = $sk;
34	$this->save_summary();
35	// ATM `qc_activated` = null
36	return true;
37	}
38
39	return false;
40	}
41
42	/**
43	* Init QC setup
44	*
45	* @since 7.0
46	*/
47	public function init_qc() {
48	$this->init_qc_prepare();
49
50	$ref = $this->_get_ref_url();
51
52	// WPAPI REST echo dryrun
53	$echobox = self::post( self::API_REST_ECHO, false, 60 );
54	if ( false === $echobox ) {
55	self::debugErr( 'REST Echo Failed!' );
56	$msg = __( "QUIC.cloud's access to your WP REST API seems to be blocked.", 'litespeed-cache' );
57	Admin_Display::error( $msg );
58	wp_safe_redirect( $ref );
59	exit;
60	}
61
62	self::debug( 'echo succeeded' );
63
64	// Load separate thread echoed data from storage
65	if ( empty( $echobox['wpapi_ts'] ) \|\| empty( $echobox['wpapi_signature_b64'] ) ) {
66	Admin_Display::error( __( 'Failed to get echo data from WPAPI', 'litespeed-cache' ) );
67	wp_safe_redirect( $ref );
68	exit;
69	}
70
71	$data = [
72	'wp_pk_b64' => $this->_summary['pk_b64'],
73	'wpapi_ts' => $echobox['wpapi_ts'],
74	'wpapi_signature_b64' => $echobox['wpapi_signature_b64'],
75	];
76	$server_ip = $this->conf( self::O_SERVER_IP );
77	if ( $server_ip ) {
78	$data['server_ip'] = $server_ip;
79	}
80
81	// Activation redirect
82	$param = [
83	'site_url' => site_url(),
84	'ver' => Core::VER,
85	'data' => $data,
86	'ref' => $ref,
87	];
88	wp_safe_redirect( $this->_cloud_server_dash . '/' . self::SVC_U_ACTIVATE . '?data=' . rawurlencode( Utility::arr2str( $param ) ) );
89	exit;
90	}
91
92	/**
93	* Decide the ref
94	*
95	* @param string\|false $ref Ref slug.
96	* @return string
97	*/
98	private function _get_ref_url( $ref = false ) {
99	$link = 'admin.php?page=litespeed';
100	if ( 'cdn' === $ref ) {
101	$link = 'admin.php?page=litespeed-cdn';
102	}
103	if ( 'online' === $ref ) {
104	$link = 'admin.php?page=litespeed-general';
105	}
106	// phpcs:ignore WordPress.Security.NonceVerification.Recommended
107	$ref_get = ! empty( $_GET['ref'] ) ? sanitize_text_field( wp_unslash( $_GET['ref'] ) ) : '';
108	if ( $ref_get && 'cdn' === $ref_get ) {
109	$link = 'admin.php?page=litespeed-cdn';
110	}
111	if ( $ref_get && 'online' === $ref_get ) {
112	$link = 'admin.php?page=litespeed-general';
113	}
114	return get_admin_url( null, $link );
115	}
116
117	/**
118	* Init QC setup (CLI)
119	*
120	* @since 7.0
121	*/
122	public function init_qc_cli() {
123	$this->init_qc_prepare();
124
125	$server_ip = $this->conf( self::O_SERVER_IP );
126	if ( ! $server_ip ) {
127	self::debugErr( 'Server IP needs to be set first!' );
128	$msg = sprintf(
129	__( 'You need to set the %1$s first. Please use the command %2$s to set.', 'litespeed-cache' ),
130	'`' . __( 'Server IP', 'litespeed-cache' ) . '`',
131	'`wp litespeed-option set server_ip __your_ip_value__`'
132	);
133	Admin_Display::error( $msg );
134	return;
135	}
136
137	// WPAPI REST echo dryrun
138	$echobox = self::post( self::API_REST_ECHO, false, 60 );
139	if ( false === $echobox ) {
140	self::debugErr( 'REST Echo Failed!' );
141	$msg = __( "QUIC.cloud's access to your WP REST API seems to be blocked.", 'litespeed-cache' );
142	Admin_Display::error( $msg );
143	return;
144	}
145
146	self::debug( 'echo succeeded' );
147
148	// Load separate thread echoed data from storage
149	if ( empty( $echobox['wpapi_ts'] ) \|\| empty( $echobox['wpapi_signature_b64'] ) ) {
150	self::debug( 'Resp: ', $echobox );
151	Admin_Display::error( __( 'Failed to get echo data from WPAPI', 'litespeed-cache' ) );
152	return;
153	}
154
155	$data = [
156	'wp_pk_b64' => $this->_summary['pk_b64'],
157	'wpapi_ts' => $echobox['wpapi_ts'],
158	'wpapi_signature_b64' => $echobox['wpapi_signature_b64'],
159	'server_ip' => $server_ip,
160	];
161
162	$res = $this->post( self::SVC_D_ACTIVATE, $data );
163	return $res;
164	}
165
166	/**
167	* Init QC CDN setup (CLI)
168	*
169	* @since 7.0
170	*
171	* @param string $method Method.
172	* @param string\|bool $cert Cert path.
173	* @param string\|bool $key Key path.
174	* @param string\|bool $cf_token Cloudflare token.
175	*/
176	public function init_qc_cdn_cli( $method, $cert = false, $key = false, $cf_token = false ) {
177	if ( ! $this->activated() ) {
178	Admin_Display::error( __( 'You need to activate QC first.', 'litespeed-cache' ) );
179	return;
180	}
181
182	$server_ip = $this->conf( self::O_SERVER_IP );
183	if ( ! $server_ip ) {
184	self::debugErr( 'Server IP needs to be set first!' );
185	$msg = sprintf(
186	__( 'You need to set the %1$s first. Please use the command %2$s to set.', 'litespeed-cache' ),
187	'`' . __( 'Server IP', 'litespeed-cache' ) . '`',
188	'`wp litespeed-option set server_ip __your_ip_value__`'
189	);
190	Admin_Display::error( $msg );
191	return;
192	}
193
194	if ( $cert ) {
195	if ( ! file_exists( $cert ) \|\| ! file_exists( $key ) ) {
196	Admin_Display::error( __( 'Cert or key file does not exist.', 'litespeed-cache' ) );
197	return;
198	}
199	}
200
201	$data = [
202	'method' => $method,
203	'server_ip' => $server_ip,
204	];
205	if ( $cert ) {
206	$data['cert'] = File::read( $cert );
207	$data['key'] = File::read( $key );
208	}
209	if ( $cf_token ) {
210	$data['cf_token'] = $cf_token;
211	}
212
213	$res = $this->post( self::SVC_D_ENABLE_CDN, $data );
214	return $res;
215	}
216
217	/**
218	* Link to QC setup
219	*
220	* @since 7.0
221	*/
222	public function link_qc() {
223	if ( ! $this->activated() ) {
224	Admin_Display::error( __( 'You need to activate QC first.', 'litespeed-cache' ) );
225	return;
226	}
227
228	$data = [
229	'wp_ts' => time(),
230	];
231	$data['wp_signature_b64'] = $this->_sign_b64( $data['wp_ts'] );
232
233	// Activation redirect
234	$param = [
235	'site_url' => site_url(),
236	'ver' => Core::VER,
237	'data' => $data,
238	'ref' => $this->_get_ref_url(),
239	];
240	wp_safe_redirect( $this->_cloud_server_dash . '/' . self::SVC_U_LINK . '?data=' . rawurlencode( Utility::arr2str( $param ) ) );
241	exit;
242	}
243
244	/**
245	* Show QC Account CDN status
246	*
247	* @since 7.0
248	*/
249	public function cdn_status_cli() {
250	if ( ! $this->activated() ) {
251	Admin_Display::error( __( 'You need to activate QC first.', 'litespeed-cache' ) );
252	return;
253	}
254
255	$data = [];
256	$res = $this->post( self::SVC_D_STATUS_CDN_CLI, $data );
257	return $res;
258	}
259
260	/**
261	* Link to QC Account for CLI
262	*
263	* @since 7.0
264	*
265	* @param string $email Account email.
266	* @param string $key API key.
267	*/
268	public function link_qc_cli( $email, $key ) {
269	if ( ! $this->activated() ) {
270	Admin_Display::error( __( 'You need to activate QC first.', 'litespeed-cache' ) );
271	return;
272	}
273
274	$data = [
275	'qc_acct_email' => $email,
276	'qc_acct_apikey'=> $key,
277	];
278	$res = $this->post( self::SVC_D_LINK, $data );
279	return $res;
280	}
281
282	/**
283	* API link parsed call to QC
284	*
285	* @since 7.0
286	*
287	* @param string $action2 Action slug.
288	*/
289	public function api_link_call( $action2 ) {
290	if ( ! $this->activated() ) {
291	Admin_Display::error( __( 'You need to activate QC first.', 'litespeed-cache' ) );
292	return;
293	}
294
295	$data = [
296	'action2' => $action2,
297	];
298	$res = $this->post( self::SVC_D_API, $data );
299	self::debug( 'API link call result: ', $res );
300	}
301
302	/**
303	* Enable QC CDN
304	*
305	* @since 7.0
306	*/
307	public function enable_cdn() {
308	if ( ! $this->activated() ) {
309	Admin_Display::error( __( 'You need to activate QC first.', 'litespeed-cache' ) );
310	return;
311	}
312
313	$data = [
314	'wp_ts' => time(),
315	];
316	$data['wp_signature_b64'] = $this->_sign_b64( $data['wp_ts'] );
317
318	// Activation redirect
319	$param = [
320	'site_url' => site_url(),
321	'ver' => Core::VER,
322	'data' => $data,
323	'ref' => $this->_get_ref_url(),
324	];
325	wp_safe_redirect( $this->_cloud_server_dash . '/' . self::SVC_U_ENABLE_CDN . '?data=' . rawurlencode( Utility::arr2str( $param ) ) );
326	exit;
327	}
328
329	/**
330	* Reset QC setup
331	*
332	* @since 7.0
333	*/
334	public function reset_qc() {
335	unset( $this->_summary['pk_b64'] );
336	unset( $this->_summary['sk_b64'] );
337	unset( $this->_summary['qc_activated'] );
338	if ( ! empty( $this->_summary['partner'] ) ) {
339	unset( $this->_summary['partner'] );
340	}
341	$this->save_summary();
342	self::debug( 'Clear local QC activation.' );
343
344	$this->clear_cloud();
345
346	Admin_Display::success( sprintf( __( 'Reset %s activation successfully.', 'litespeed-cache' ), 'QUIC.cloud' ) );
347	wp_safe_redirect( $this->_get_ref_url() );
348	exit;
349	}
350
351	/**
352	* Check if activated QUIC.cloud service or not
353	*
354	* @since 7.0
355	* @access public
356	*/
357	public function activated() {
358	return ! empty( $this->_summary['sk_b64'] ) && ! empty( $this->_summary['qc_activated'] );
359	}
360
361	/**
362	* Show my.qc quick link to the domain page
363	*
364	* @return string
365	*/
366	public function qc_link() {
367	$data = [
368	'site_url' => site_url(),
369	'ver' => LSCWP_V,
370	'ref' => $this->_get_ref_url(),
371	];
372	return $this->_cloud_server_dash . '/u/wp3/manage?data=' . rawurlencode( Utility::arr2str( $data ) ); // . (!empty($this->_summary['is_linked']) ? '?wplogin=1' : '');
373	}
374	}
375